Hi Norman,
If you are able to reproduce this issue, would you mind post the JSSE
debug log (by using Java System Property, "javax.net.debug=all")?
Please feel free to submit a bug.
Thanks & Regards,
Xuelei
On 5/17/2019 11:02 AM, Norman Maurer wrote:
Hi there,
We recently received a bug report in netty when JDK12 is used with
ChaCha chiphers:
https://github.com/netty/netty/issues/9150
Basically it seems like there is a problem in how it uses the ByteBuffer
internally:
|Caused by: java.lang.RuntimeException:
javax.crypto.ShortBufferException: Output buffer too small at
java.base/com.sun.crypto.provider.ChaCha20Cipher.engineDoFinal(ChaCha20Cipher.java:703)
at java.base/javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:826) at
java.base/javax.crypto.CipherSpi.engineDoFinal(CipherSpi.java:730) at
java.base/javax.crypto.Cipher.doFinal(Cipher.java:2503) at
java.base/sun.security.ssl.SSLCipher$T12CC20P1305ReadCipherGenerator$CC20P1305ReadCipher.decrypt(SSLCipher.java:2188)
at
java.base/sun.security.ssl.SSLEngineInputRecord.decodeInputRecord(SSLEngineInputRecord.java:240)
at
java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:197)
at
java.base/sun.security.ssl.SSLEngineInputRecord.decode(SSLEngineInputRecord.java:160)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:108)
at
java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:681)
at
java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:636)
at
java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:454)
... 25 common frames omitted Caused by:
javax.crypto.ShortBufferException: Output buffer too small at
java.base/com.sun.crypto.provider.ChaCha20Cipher$EngineAEADDec.doFinal(ChaCha20Cipher.java:1360)
at
java.base/com.sun.crypto.provider.ChaCha20Cipher.engineDoFinal(ChaCha20Cipher.java:701)|
Unfortunately I have no standalone reproducer yet but I just wanted to
bring it up here in case it helps.
It only happens on JDK12 it seems. Check the Netty issue for more details…
Bye
Norman
